{
  "Version": "2008-10-17",
  "Id": "AnsibleSNSTesting",
  "Statement": [
    {
      "Sid": "CloudTrailSNSPolicy",
      "Effect": "Allow",
      "Principal": {
        "Service": "cloudtrail.amazonaws.com"
      },
      "Action": "sns:Publish",
      "Resource": "arn:aws:sns:{{ aws_region }}:{{ aws_caller_info.account }}:{{ sns_topic_name }}"
    },
    {
      "Sid": "AnsibleTestManage",
      "Effect": "Allow",
      "Principal": {
        "AWS": "{{ aws_caller_info.arn }}"
      },
      "Action": [
        "sns:Subscribe",
        "sns:ListSubscriptionsByTopic",
        "sns:DeleteTopic",
        "sns:GetTopicAttributes",
        "sns:Publish",
        "sns:RemovePermission",
        "sns:AddPermission",
        "sns:Receive",
        "sns:SetTopicAttributes"
      ],
      "Resource": "arn:aws:sns:{{ aws_region }}:{{ aws_caller_info.account }}:{{ sns_topic_name }}"
    }
  ]
}
